NAT

Tien_Huy1995 · ‎02-20-2017

how to config NAT?

Julio E. Moisa · ‎02-20-2017

Hi

Are you going to configure it on a firewall or router? There are 3 types of NAT:

- Static NAT
- Dynamic NAT
- PAT (Port Address Translation)

Example of static NAT

It is a NAT for one to one.

interfaces fa0/0
description INTERNAL-NETWORK
ip nat inside

interface fa0/1
description PUBLIC-NETWORK
ip nat outside

ip nat inside source static <Private IP> <Public IP>

Example of dynamic NAT

In this type of NAT you can use a pool of public IP addresses to translate the internal networks to them:

interfaces fa0/0
description INTERNAL-NETWORK
ip nat inside

interface fa0/1
description PUBLIC-NETWORK
ip nat outside

ip access-list standard PRIVATE-NET
permit 192.168.0.0 255.255.0.0

ip nat pool TESTPOOL 140.X.Y.10 140.X.Y.12 Netmask 255.255.255.0 (this pool include the IP. 10, 11 and 12 only)

IP NAT INSide SOUrce LIst PRIVATE-NETS pool TESTPOOL

Example of a PAT configuration:

This kind of NAT uses an unique source port number translation, instead of IP address translation. Port Numbers are 16-bit binary numbers and we have 65535 port numbers available. This kind of NAT is commonly used because you don't wast public IP addresses, You only need one Public IP.

Step 1) Configure the interfaces to be inside and outside

interfaces fa0/0
description INTERNAL-NETWORK
ip nat inside

interface fa0/1
description PUBLIC-NETWORK
ip nat outside

Step 2) Match the private subnets that will be translated to public IP

ip access-list standard PRIVATE-NET
permit 192.168.0.0 255.255.0.0

Step 3) Configure the NAT command line to translate the private addresses to a public IP

ip nat inside source list PRIVATE-NET interface fa0/1 overload

** If you are using your NAT config to reach Internet access, also remember to include a default route pointing to your ISP. The router where the NAT will be applied must know the subnets that you will translate.

This link could be useful:

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/15-mt/nat-15-mt-book/iadnat-addr-consv.html

Please rate the comment if it was useful

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

paul driver · ‎02-20-2017

Hello

Just like to add you can utilize Domain-less NAT ( NVI NAT) which differs from Domain based nat regards order of operations and route lookups.

Domain Based - (route lookups performed either before of after nat translation - Subject to default nat order
interface x/x
ip nat inside/outside

Domain-less (NVI) Based - (route lookups performed before AND after nat translation, uses Nat Virtual Interface NVI)

interface x/x
ip nat enable

res
Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Tien_Huy1995 · ‎02-20-2017

Thanks!

Julio E. Moisa · ‎02-20-2017

You are welcome

:-)

Have a good day!

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Tien_Huy1995 · ‎02-21-2017

Do u know ebooks to study ccna ?

Julio E. Moisa · ‎02-21-2017

Hi

I recommend these books:

http://www.ciscopress.com/markets/detail.asp?st=44711

and

First steps for routing and LAN switching

http://www.ciscopress.com/search/index.asp?query=first+step

:-)

Theory and Practice is the key.

Hope it is useful.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Tien_Huy1995 · ‎02-23-2017

do u know web or forum to study ccna,ccnp , these book to much for me

Julio E. Moisa · ‎02-23-2017

Hi my friend,

No worries, you could verify the topics of each certification and investigate them through internet one by one.

http://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna-routing-switching.html#~exam

Also you can create discussions through the Cisco Learning community:

https://learningnetwork.cisco.com/welcome

Other option is buy used books.

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Tien_Huy1995 · ‎02-23-2017

ok ,very helpful :)